dzban.site Open in urlscan Pro
213.186.33.5 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://dzban.site/
Submission: On March 03 via api (March 3rd 2023, 7:55:11 am UTC) from US — Scanned from US

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 16 HTTP transactions. The main IP is 213.186.33.5, located in France and belongs to OVH, FR. The main domain is dzban.site.

This is the only time dzban.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	213.186.33.5 213.186.33.5	16276 (OVH) (OVH)
6	2606:4700:303... 2606:4700:3035::6815:ce4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	54.219.221.210 54.219.221.210	16509 (AMAZON-02) (AMAZON-02)
1	23.49.248.19 23.49.248.19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
16	5

1 213.186.33.5 (France)

ASN16276 (OVH, FR)
PTR: redirect.ovh.net

dzban.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3035::6815:ce4 (United States)

ASN13335 (CLOUDFLARENET, US)

allgo.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.219.221.210 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-219-221-210.us-west-1.compute.amazonaws.com

meetdateflirt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.49.248.19 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-49-248-19.deploy.static.akamaitechnologies.com

www.flirt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	allgo.xyz allgo.xyz	5 KB
3	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 927	18 KB
1	flirt.com www.flirt.com
1	meetdateflirt.com 1 redirects meetdateflirt.com	1 KB
1	dzban.site dzban.site	1 KB
0	flirtydelights.com Failed www.flirtydelights.com Failed
16	6

	Domain	Requested by
6	allgo.xyz	dzban.site allgo.xyz static.cloudflareinsights.com
3	static.cloudflareinsights.com	allgo.xyz
1	www.flirt.com	allgo.xyz
1	meetdateflirt.com	1 redirects
1	dzban.site
0	www.flirtydelights.com Failed	allgo.xyz
16	6

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-02` - `2024-03-01`	a year	crt.sh
flirt.com R3	`2023-02-02` - `2023-05-03`	3 months	crt.sh

This page contains 4 frames:

Primary Page: http://dzban.site/
Frame ID: 4FDC0542FBE0C7A377B412A97357D5B8
Requests: 1 HTTP requests in this frame

Frame: https://www.flirt.com/aff.php?tds_ac_id=s2581pod&utm_term=1&tds_reason=direct&utm_source=int&_disAL=true&tds_id=b1433pod_lp_a_1640272705463_flirt&utm_funnel=tds&tds_oid=4375436&dci=a3db761a9d273b254828957f58285081b47475af&utm_ex=a&tds_host=meetdateflirt.com&tds_ao=1&utm_content=29194067&tds_campaign=b1433pod&utm_sub=opnfnlconf&s1=int&tdsId=b1433pod_lp_a_1640272705463_flirt&s3=%7Bsubid2%7D&p_tds_cid=&btUrl=aHR0cHM6Ly9tZWV0ZGF0ZWZsaXJ0LmNvbS90ZHMvYWUvY2Ivcy83NTM4M2MyNGExNDM2NDEzODIxNTJhMDczYTU0ZDY1ZT9fX3Q9MTY3NzgzMDEwNzQ1MCZfX2w9MzYwMA%3D%3D&data2=aef30f42d0972d69638894ca79e011&tds_ps=a&dynamicpage=all_wlp_5st_halfphoto_v2_a&tds_cid=05470b0ca9bd214e4bd9ed3b816a8430b351a278&utm_campaign=e166c83b&tds_path=%2Ftds%2Fae
Frame ID: 3FFE777CAB3092A1CF1093C34B0504F5
Requests: 5 HTTP requests in this frame

Frame: https://www.flirtydelights.com/landing2?cat=milf&pt1=10248ddf3d74ff1d74505b2a0f2939&pi=2299&pe=72572986
Frame ID: A65785E6D48FE4973FCB1B02DE1912BA
Requests: 5 HTTP requests in this frame

Frame: https://www.flirtydelights.com/landing2?cat=milf&pt1=10248ddf3d74ff1d74505b2a0f2939&pi=2299&pe=72572986
Frame ID: 949E2A53F58116CEFF2D6847B7AF42A5
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

16
Requests

63 %
HTTPS

40 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

24 kB
Transfer

54 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://meetdateflirt.com/tds/ae?tds_campaign=s2581pod&tdsId=s2581pod_r&s1=int&utm_source=int&utm_term=1&clickid=aef30f42d0972d69638894ca79e011&subid=29194067&affid=e166c83b HTTP 302
https://www.flirt.com/aff.php?tds_ac_id=s2581pod&utm_term=1&tds_reason=direct&utm_source=int&_disAL=true&tds_id=b1433pod_lp_a_1640272705463_flirt&utm_funnel=tds&tds_oid=4375436&dci=a3db761a9d273b254828957f58285081b47475af&utm_ex=a&tds_host=meetdateflirt.com&tds_ao=1&utm_content=29194067&tds_campaign=b1433pod&utm_sub=opnfnlconf&s1=int&tdsId=b1433pod_lp_a_1640272705463_flirt&s3=%7Bsubid2%7D&p_tds_cid=&btUrl=aHR0cHM6Ly9tZWV0ZGF0ZWZsaXJ0LmNvbS90ZHMvYWUvY2Ivcy83NTM4M2MyNGExNDM2NDEzODIxNTJhMDczYTU0ZDY1ZT9fX3Q9MTY3NzgzMDEwNzQ1MCZfX2w9MzYwMA%3D%3D&data2=aef30f42d0972d69638894ca79e011&tds_ps=a&dynamicpage=all_wlp_5st_halfphoto_v2_a&tds_cid=05470b0ca9bd214e4bd9ed3b816a8430b351a278&utm_campaign=e166c83b&tds_path=%2Ftds%2Fae

Request Chain 10

https://track.adttrk.com/aff_c?offer_id=4383&aff_id=2299&url_id=50298&aff_click_id=b0331f858dd2031d1cf76ec04d8355&aff_sub=72572986 HTTP 302
https://www.flirtydelights.com/landing2?cat=milf&pt1=10248ddf3d74ff1d74505b2a0f2939&pi=2299&pe=72572986

Request Chain 11

https://track.adttrk.com/aff_c?offer_id=4383&aff_id=2299&url_id=50298&aff_click_id=b0331f858dd2031d1cf76ec04d8355&aff_sub=72572986 HTTP 302
https://www.flirtydelights.com/landing2?cat=milf&pt1=10248ddf3d74ff1d74505b2a0f2939&pi=2299&pe=72572986

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
dzban.site/ 777 B
1 KB 569ms
162ms Document
text/html 213.186.33.5
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://dzban.site/
Protocol: HTTP/1.1
Server: 213.186.33.5 , France, ASN16276 (OVH, FR),
Reverse DNS: redirect.ovh.net
Software: nginx /
Resource Hash: accaa81e3941fc245f2c500e8dbf860fcd5b32006b2802a3fc3f87e3795b4e0d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private
content-type: text/html; charset=UTF-8
date: Fri, 03 Mar 2023 07:55:04 GMT
server: nginx
transfer-encoding: chunked
x-iplb-instance: 16980
x-iplb-request-id: 26847644:A502_D5BA2105:0050_6401A7D8_13FAB69:288BC

GET
H2 200 29194067 Show response
allgo.xyz/link/97/ Frame 3FFE 1 KB
2 KB 558ms
376ms Document
text/html 2606:4700:3035::6815:ce4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://allgo.xyz/link/97/29194067

Requested by

Host: dzban.site
URL: http://dzban.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:ce4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

618d9462351542a3d4552d996e99089ff0ae780e3aa2ed26903927653ee669ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://dzban.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7a2050acb9afda4f-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 03 Mar 2023 07:55:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m9CsmBQbrNexAtnzw6%2FoAD1e1dD1KthgAniDj1wo5kXbB8z7vLPg2UN3pIhOreSdiV6o7%2FbCRFM5EF%2BKxmS0QFgrlXt8CyKLZ8iVcKe9txP1bJOPwTigLVHbv2%2B%2FlD0j4wJ9KCSS1mo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 3FFE 17 KB
6 KB 217ms
67ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: allgo.xyz
URL: https://allgo.xyz/link/97/29194067
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://allgo.xyz/
Origin: https://allgo.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 07:55:05 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7a2050b0c96bdad9-MIA

GET
H2 200 72572986 Show response
allgo.xyz/link/1840/ Frame A657 1 KB
1 KB 197ms
196ms Document
text/html 2606:4700:3035::6815:ce4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://allgo.xyz/link/1840/72572986

Requested by

Host: allgo.xyz
URL: https://allgo.xyz/link/97/29194067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:ce4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d9e2dac09da2e26f12ff3c7f49b8c67b0b54732d99e1d68622828252296a192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://allgo.xyz/link/97/29194067
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7a2050affb79da4f-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 03 Mar 2023 07:55:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EoN32h%2F8JJjh7TK1bMdjqdyEkkXImV9uCfmfYMPiG8DUOPx857OHcbOmbd8%2B3CtHMazCgtd7IqOoCwaL%2FxfWyhfmynJORUD%2FqdhdmTXU3Bl%2BA3pDZDmkx9aw0kWDsVWbKIDsJCcTfcY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame A657 17 KB
6 KB 68ms
68ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: allgo.xyz
URL: https://allgo.xyz/link/1840/72572986
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://allgo.xyz/
Origin: https://allgo.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 07:55:05 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7a2050b1ba44dad9-MIA

GET
H2 200 72572986 Show response
allgo.xyz/link/1840/ Frame 949E 1 KB
1 KB 221ms
216ms Document
text/html 2606:4700:3035::6815:ce4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://allgo.xyz/link/1840/72572986

Requested by

Host: allgo.xyz
URL: https://allgo.xyz/link/1840/72572986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:ce4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

888c81d485e555ccf3c0f541a31968afa8afb5cb1245855b20e5a526cf7633da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://allgo.xyz/link/1840/72572986
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7a2050b1cc6bda4f-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 03 Mar 2023 07:55:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=grJqBga%2Bj8ZQyje27p6%2BYWoJFP1qn7L3xgtPPcJmfF%2F7LzJzwgh9gWKvGTh9E5ZWsZXpgl037LynZcZilyNQCaR%2BmeC1dFfdVi5u7IAS5MDn9XpEYx0gXE%2B6z55zTfuLgSNtGE1Wo84%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 949E 17 KB
6 KB 72ms
62ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: allgo.xyz
URL: https://allgo.xyz/link/1840/72572986
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://allgo.xyz/
Origin: https://allgo.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 07:55:06 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7a2050b38b93dad9-MIA

POST
H3 204 rum Show response
allgo.xyz/cdn-cgi/ Frame 949E 0
173 B 53ms
53ms XHR
text/plain 2606:4700:3035::6815:ce4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://allgo.xyz/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:ce4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://allgo.xyz/link/1840/72572986
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type: application/json

Response headers

date: Fri, 03 Mar 2023 07:55:06 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://allgo.xyz
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7a2050b418703361-MIA

POST
H3 204 rum Show response
allgo.xyz/cdn-cgi/ Frame A657 0
137 B 56ms
55ms XHR
text/plain 2606:4700:3035::6815:ce4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://allgo.xyz/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:ce4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://allgo.xyz/link/1840/72572986
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type: application/json

Response headers

date: Fri, 03 Mar 2023 07:55:06 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://allgo.xyz
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7a2050b418723361-MIA

POST
H3 204 rum Show response
allgo.xyz/cdn-cgi/ Frame 3FFE 0
137 B 59ms
58ms XHR
text/plain 2606:4700:3035::6815:ce4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://allgo.xyz/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:ce4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://allgo.xyz/link/97/29194067
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type: application/json

Response headers

date: Fri, 03 Mar 2023 07:55:06 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://allgo.xyz
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7a2050b418733361-MIA

GET
H2

200

aff.php
www.flirt.com/ Frame 3FFE
Redirect Chain

https://meetdateflirt.com/tds/ae?tds_campaign=s2581pod&tdsId=s2581pod_r&s1=int&utm_source=int&utm_term=1&clickid=aef30f42d0972d69638894ca79e011&subid=29194067&affid=e166c83b
https://www.flirt.com/aff.php?tds_ac_id=s2581pod&utm_term=1&tds_reason=direct&utm_source=int&_disAL=true&tds_id=b1433pod_lp_a_1640272705463_flirt&utm_funnel=tds&tds_oid=4375436&dci=a3db761a9d273b25...

0
0

744ms
448ms

Document
text/html

23.49.248.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flirt.com/aff.php?tds_ac_id=s2581pod&utm_term=1&tds_reason=direct&utm_source=int&_disAL=true&tds_id=b1433pod_lp_a_1640272705463_flirt&utm_funnel=tds&tds_oid=4375436&dci=a3db761a9d273b254828957f58285081b47475af&utm_ex=a&tds_host=meetdateflirt.com&tds_ao=1&utm_content=29194067&tds_campaign=b1433pod&utm_sub=opnfnlconf&s1=int&tdsId=b1433pod_lp_a_1640272705463_flirt&s3=%7Bsubid2%7D&p_tds_cid=&btUrl=aHR0cHM6Ly9tZWV0ZGF0ZWZsaXJ0LmNvbS90ZHMvYWUvY2Ivcy83NTM4M2MyNGExNDM2NDEzODIxNTJhMDczYTU0ZDY1ZT9fX3Q9MTY3NzgzMDEwNzQ1MCZfX2w9MzYwMA%3D%3D&data2=aef30f42d0972d69638894ca79e011&tds_ps=a&dynamicpage=all_wlp_5st_halfphoto_v2_a&tds_cid=05470b0ca9bd214e4bd9ed3b816a8430b351a278&utm_campaign=e166c83b&tds_path=%2Ftds%2Fae

Requested by

Host: allgo.xyz
URL: https://allgo.xyz/link/97/29194067

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.49.248.19 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-49-248-19.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://allgo.xyz/link/97/29194067
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=93600
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 5831
content-security-policy: frame-ancestors 'self'
content-type: text/html; charset=UTF-8
date: Fri, 03 Mar 2023 07:55:08 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
strict-transport-security: max-age=63072000
vary: Accept-Encoding
x-akamai-transformed: 9 5631 0 pmb=mTOE,2
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA-Wow64, Sec-CH-UA
access-control-allow-origin: *
date: Fri, 03 Mar 2023 07:55:07 GMT
location: https://www.flirt.com/aff.php?tds_ac_id=s2581pod&utm_term=1&tds_reason=direct&utm_source=int&_disAL=true&tds_id=b1433pod_lp_a_1640272705463_flirt&utm_funnel=tds&tds_oid=4375436&dci=a3db761a9d273b254828957f58285081b47475af&utm_ex=a&tds_host=meetdateflirt.com&tds_ao=1&utm_content=29194067&tds_campaign=b1433pod&utm_sub=opnfnlconf&s1=int&tdsId=b1433pod_lp_a_1640272705463_flirt&s3=%7Bsubid2%7D&p_tds_cid=&btUrl=aHR0cHM6Ly9tZWV0ZGF0ZWZsaXJ0LmNvbS90ZHMvYWUvY2Ivcy83NTM4M2MyNGExNDM2NDEzODIxNTJhMDczYTU0ZDY1ZT9fX3Q9MTY3NzgzMDEwNzQ1MCZfX2w9MzYwMA%3D%3D&data2=aef30f42d0972d69638894ca79e011&tds_ps=a&dynamicpage=all_wlp_5st_halfphoto_v2_a&tds_cid=05470b0ca9bd214e4bd9ed3b816a8430b351a278&utm_campaign=e166c83b&tds_path=%2Ftds%2Fae
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: nginx
timing-allow-origin: *

GET

landing2
www.flirtydelights.com/ Frame A657
Redirect Chain

https://track.adttrk.com/aff_c?offer_id=4383&aff_id=2299&url_id=50298&aff_click_id=b0331f858dd2031d1cf76ec04d8355&aff_sub=72572986
https://www.flirtydelights.com/landing2?cat=milf&pt1=10248ddf3d74ff1d74505b2a0f2939&pi=2299&pe=72572986

0
0

GET

landing2
www.flirtydelights.com/ Frame 949E
Redirect Chain

https://track.adttrk.com/aff_c?offer_id=4383&aff_id=2299&url_id=50298&aff_click_id=b0331f858dd2031d1cf76ec04d8355&aff_sub=72572986
https://www.flirtydelights.com/landing2?cat=milf&pt1=10248ddf3d74ff1d74505b2a0f2939&pi=2299&pe=72572986

0
0

POST rum
allgo.xyz/cdn-cgi/ Frame 3FFE 0
0

POST rum
allgo.xyz/cdn-cgi/ Frame A657 0
0

POST rum
allgo.xyz/cdn-cgi/ Frame 949E 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.flirtydelights.com
URL: https://www.flirtydelights.com/landing2?cat=milf&pt1=10248ddf3d74ff1d74505b2a0f2939&pi=2299&pe=72572986

Domain: www.flirtydelights.com
URL: https://www.flirtydelights.com/landing2?cat=milf&pt1=10248ddf3d74ff1d74505b2a0f2939&pi=2299&pe=72572986

Domain: allgo.xyz
URL: https://allgo.xyz/cdn-cgi/rum?

Domain: allgo.xyz
URL: https://allgo.xyz/cdn-cgi/rum?

Domain: allgo.xyz
URL: https://allgo.xyz/cdn-cgi/rum?

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
dzban.site/	1969-12-31 23:59:59	Name: SERVERID77446 Value: 200176\|ZAGn2\|ZAGn2
.meetdateflirt.com/	1970-01-20 18:49:26	Name: dci Value: a3db761a9d273b254828957f58285081b47475af
track.adttrk.com/	1970-01-20 10:05:16	Name: aff_ran_url_4383 Value: 50298
track.adttrk.com/	1970-01-20 19:39:50	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMTAiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzExMC4wLjU0ODEuMTc3IFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyxlbjtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
track.adttrk.com/	1970-01-20 10:48:28	Name: enc_aff_session_4383 Value: ENC0325203924ba3420839857dfd96b27c5e8e776d9a355fdacbf24ad4a0dddc30e0755063e3151ed89594aefc5d94fe843d84304922c099547c2e9c63704356ee0b4ce07a6c650db1f6dd0212f90ef2a050f712bdd831a1f1329607696ebcba519c5806f53f2c57e8378c33d8c160b7938696ecfadd404f61894409116d3b147984aa93c5b3a9355a6444a597328d78512bc75f006ee631f6f3c16e8ba8f49f83b745cb349be6de6f5a751e68167e6acf7606a65c46db8fa374832afb2438f9550e9193acb69

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	Message: Refused to frame 'https://www.flirt.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

allgo.xyz
dzban.site
meetdateflirt.com
static.cloudflareinsights.com
www.flirt.com
www.flirtydelights.com
allgo.xyz
www.flirtydelights.com
213.186.33.5
23.49.248.19
2606:4700:3035::6815:ce4
2606:4700::6810:3865
54.219.221.210
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
618d9462351542a3d4552d996e99089ff0ae780e3aa2ed26903927653ee669ce
7d9e2dac09da2e26f12ff3c7f49b8c67b0b54732d99e1d68622828252296a192
888c81d485e555ccf3c0f541a31968afa8afb5cb1245855b20e5a526cf7633da
accaa81e3941fc245f2c500e8dbf860fcd5b32006b2802a3fc3f87e3795b4e0d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

dzban.site Open in urlscan Pro 213.186.33.5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

16 Requests

63 %HTTPS

40 %IPv6

6 Domains

6 Subdomains

5 IPs

2 Countries

24 kBTransfer

54 kBSize

5 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

5 Cookies

1 Console Messages

Indicators

dzban.site Open in urlscan Pro
213.186.33.5 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

63 %
HTTPS

40 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

24 kB
Transfer

54 kB
Size

5
Cookies

16 HTTP transactions
0 data transactions